0x86

2 exploits Active since Apr 2007
CVE-2007-2211 EXPLOITDB perl WORKING POC
MyBulletinBoard < 1.2.5 - SQL Injection via Calendar Day Parameter
SQL injection vulnerability in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a dayview action.
CVE-2007-2212 EXPLOITDB perl WORKING POC
MyBB <= 1.2.5 - SQL Injection via Calendar Year or Month Parameter
Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year or (2) month parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.